How is my data secured?
Your data is sent to our systems over a connection encrypted with SSL, so
that nobody except the intended viewer can intercept or read the data. This is
the same encryption process used by credit card companies, banks, brokerage
institutions and the military.
How does SSL work?
The client visits a secure web site. The first operation performed is
server-side authentication. This is very important, as it ensures that the user
is connected to the correct site and not an impostor.
The server authenticates by signing a challenge with its private key; the
signature is then verified on the client's PC. The authenticity of the server's
key is vouched for by the issuing authority, Verisign or Valicert for example,
which are known and trusted within Microsoft and Netscape browsers.
The second step, once the server's identity has been confirmed, is to set up
the secure link between client and server. This is done by exchanging a
symmetrical encryption key (usually 128 bit) in a secure way. The key is
randomly generated by the client PC and encrypted using the public key of the
server (previously exchanged during the server authentication process). The
only way of decrypting it is with the corresponding private key, which is known
only to the server.
For commercial transactions, RSA advises that 1024 bit asymmetrical keys be
used to ensure adequate security. Once the session key has been received
securely, both the client PC and the server can encrypt using the shared
symmetrical encryption key.
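
The two steps described above (the server signing a challenge, then the client sending a 128 bit session key encrypted to the server's public key), as an added example that is not code from this site or from any SSL library. It assumes unpadded textbook RSA and a constructed key built from two publicly known Mersenne primes so that it runs with the Python standard library alone; real SSL uses padded RSA and certificates, and every function name here is hypothetical.

```python
import hashlib
import secrets

# Constructed demo key from two publicly known Mersenne primes (not secret).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537

def make_keypair(p, q, e=E):
    """Return (public, private) as ((n, e), (n, d)) for textbook RSA."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(challenge, private):
    """Server: sign the client's challenge with the private key."""
    n, d = private
    return pow(digest_int(challenge, n), d, n)

def verify(challenge, signature, public):
    """Client: check the signature with the server's public key."""
    n, e = public
    return pow(signature, e, n) == digest_int(challenge, n)

def wrap_key(session_key, public):
    """Client: encrypt the session key to the server's public key."""
    n, e = public
    return pow(int.from_bytes(session_key, "big"), e, n)

def unwrap_key(wrapped, private, length=16):
    """Server: recover the session key with the private key."""
    n, d = private
    return pow(wrapped, d, n).to_bytes(length, "big")

def handshake(server_private, trusted_public):
    """Run both steps; return (client_key, server_key) or None on failure."""
    challenge = secrets.token_bytes(32)            # fresh per connection
    signature = sign(challenge, server_private)    # server's reply
    if not verify(challenge, signature, trusted_public):
        return None                                # impostor: abort
    session_key = secrets.token_bytes(16)          # 128-bit symmetric key
    wrapped = wrap_key(session_key, trusted_public)
    return session_key, unwrap_key(wrapped, server_private)
```

A server holding a different private key fails the verify step, so the client never generates or sends a session key to it.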